A man who was in command of the botnet, Bredolab, controlling some 30 million computers worldwide, has been sentenced to four years jail in Armenia. According to prosecutors, Georg Avanesov was earning £80,000 a month, renting out access to the compromised computers to criminals who wanted to send out spam, spread malware and fake anti-virus attacks, and launch DDoS attacks. At its peak, it is estimated that Avanesov's botnet was spewing out more than 3 billion infected emails every day. Often, attacks designed to recruit new computers into the botnet would be spammed out, pretending to come from the likes of Facebook, Skype and Amazon with an attached HTML file, luring users into clicking and being ultimately infected by a compromised third-party website.
It's curtains for Avanesov
“It's easy to see how such a large network of infected PCs was created, as people clicked on seemingly legitimate attachments and websites, oblivious to the infection that would go on to take control of their PC, and in some cases steal passwords and usernames,” said Graham Cluley, Senior Technology Consultant at Sophos.
Legitimate websites were hacked to spread the malicious payloads that infected and recruited visiting computers into the botnet, and further malware would be installed which stole usernames and passwords to FTP accounts. This would inevitably result in even more websites becoming infected, and the botnet multiplying in size. “The judgment is something of a historic event in Armenia – as it is the first such computer crime-related sentence to be handed out in the country. And, the story may not be over yet, as others will have definitely been involved in the cybercrime operation, and may still be brought to justice. Furthermore, it is possible that lawsuits may still be filed by overseas parties for the crimes that were committed worldwide“, added Graham Cluley.